<?php 

	// 该逻辑没有验证数据库查询失败的情况，可自行完善
	include "../inc/dbconn.php";
	include "./inc.setToken.php";

    // 接收管理员和密码
    $adminName = $_GET["adminName"];
    $pass = md5($_GET["pass"]);

    //管理员是否存在
    $sql = "select * from user where adminName='{$adminName}'";

    $result = $conn->query($sql);

	//如果管理员存在
    if ($result->num_rows > 0){
		$row = mysqli_fetch_assoc($result);
		if ($pass == $row["pass"]){
			//密码正确
			//生成Token和过期日期
			$token = setToken();
			//7天过期
			$time_out = strtotime("+7 days");

			$sql2="update admin set token='{$token}',time_out='{$time_out}' where adminName='{$adminName}'";

			if ($conn->query($sql2) === TRUE) {
				// 登录成功
				$data['code'] = 3000;
				$data["token"] = $token;
				$data["msg"] = '登录成功';
				$data["time_out"] = $time_out;
			} else {
				//服务器错误
				$data['code'] = 3001;
				$data["msg"] = '未知错误';
			}
			
		}else{
			//密码错误
			$data['code'] = 3003;
			$data["msg"] = '密码错误';
		}
    }else{
        // 用户名不存在
		$data['code'] = 3002;
		$data["msg"] = '用户不存在';
    }
    echo json_encode($data);
 ?>